WMI (135)

WMIexec

wmiexec.py inlanefreight.local/wley:'transporter@4'@172.16.5.5 

$ /usr/share/doc/python3-impacket/examples/wmiexec.py Cry0l1t3:"P455w0rD!"@10.129.201.248 "hostname"

Impacket v0.9.22 - Copyright 2020 SecureAuth Corporation

[*] SMBv3.0 dialect used
ILF-SQL-01

From Windows Host

Command	Description
wmic qfe get Caption,Description,HotFixID,InstalledOn	Prints the patch level and description of the Hotfixes applied
wmic computersystem get Name,Domain,Manufacturer,Model,Username,Roles /format:List	Displays basic host information to include any attributes within the list
wmic process list /format:list	A listing of all processes on host
wmic ntdomain list /format:list	Displays information about the Domain and Domain Controllers
wmic useraccount list /format:list	Displays information about all local accounts and any domain accounts that have logged into the device
wmic group list /format:list	Information about all local groups
wmic sysaccount list /format:list	Dumps information about any system accounts that are being used as service accounts.